Documentation
¶
Index ¶
- Constants
- Variables
- func ClearValidation(userID string, store ValidationStore) error
- func GenerateProvisioningURI(secret, accountName string, config TOTPConfig) string
- func GenerateSecret(size int) (string, error)
- func GenerateTOTPCode(secret string, config TOTPConfig) (string, error)
- func NewMiddleware(options ...func(*MiddlewareConfig)) mist.Middleware
- func Validate(ctx *mist.Context, userID, code string, totp *TOTP, store ValidationStore, ...) error
- func ValidateTOTPCode(secret, code string, config TOTPConfig) bool
- func WithGetUserID(fn func(*mist.Context) (string, error)) func(*MiddlewareConfig)
- func WithRedirectURL(url string) func(*MiddlewareConfig)
- func WithStore(store ValidationStore) func(*MiddlewareConfig)
- func WithUnauthorizedHandler(handler func(*mist.Context)) func(*MiddlewareConfig)
- func WithValidationDuration(duration time.Duration) func(*MiddlewareConfig)
- type MemoryStore
- type MiddlewareConfig
- type TOTP
- type TOTPConfig
- type ValidationStore
Constants ¶
const (
	// MFACookieName is the name of the cookie used to mark the MFA validation state.
	// NOTE(review): nothing here shows how the cookie value is bound to a user or
	// protected against tampering; confirm the server-side ValidationStore, not the
	// mere presence of this cookie, is what authorizes a request.
	MFACookieName = "_mfa_validated"
	// MFASessionKey is the key under which the MFA status is stored in the session.
	MFASessionKey = "_mfa_status"
	// DefaultValidationDuration is the default lifetime of an MFA validation state.
	// NOTE(review): 12 hours without a re-challenge is long for sensitive
	// applications; WithValidationDuration presumably overrides it — confirm.
	DefaultValidationDuration = 12 * time.Hour
)
const (
	// Default TOTP parameters.

	// DefaultDigits is presumably the number of digits in a generated code — confirm.
	DefaultDigits = 6
	// DefaultPeriod is presumably the time-step length in seconds; the
	// ValidateTOTPCode documentation equates one period with 30 seconds.
	DefaultPeriod = 30
	// DefaultAlgorithm names the hash algorithm.
	// NOTE(review): presumably the HMAC hash used for code generation; which
	// other values TOTPConfig accepts is not shown here — confirm.
	DefaultAlgorithm = "SHA1"
	// DefaultIssuer is presumably the issuer label placed in provisioning URIs — confirm.
	DefaultIssuer = "Mist"
)
Variables ¶
var (
	// ErrMFARequired indicates that multi-factor verification is required.
	ErrMFARequired = errors.New("需要多因素验证")
	// ErrInvalidMFACode indicates that the supplied MFA code is invalid.
	ErrInvalidMFACode = errors.New("无效的多因素验证码")
)
Functions ¶
func ClearValidation ¶
func ClearValidation(userID string, store ValidationStore) error
ClearValidation 清除MFA验证状态
func GenerateProvisioningURI ¶
func GenerateProvisioningURI(secret, accountName string, config TOTPConfig) string
GenerateProvisioningURI 生成TOTP配置URI,用于生成二维码,让用户扫码添加到验证器应用(如Google Authenticator)。该URI由密钥生成,通常包含密钥本身,应避免写入日志或交给第三方二维码服务。
func GenerateTOTPCode ¶
func GenerateTOTPCode(secret string, config TOTPConfig) (string, error)
GenerateTOTPCode 基于密钥和当前时间生成TOTP代码
func NewMiddleware ¶
func NewMiddleware(options ...func(*MiddlewareConfig)) mist.Middleware
NewMiddleware 创建新的MFA中间件
func Validate ¶
func Validate(ctx *mist.Context, userID, code string, totp *TOTP, store ValidationStore, duration time.Duration) error
Validate 验证MFA代码
func ValidateTOTPCode ¶
func ValidateTOTPCode(secret, code string, config TOTPConfig) bool
ValidateTOTPCode 验证TOTP代码,允许前后各1个时间周期的误差(默认周期30秒时即前后30秒)。因此同一验证码在约3个周期内都可能被接受;从函数签名看不出是否记录已使用的验证码,防重放可能需要调用方自行处理。
func WithGetUserID ¶
func WithGetUserID(fn func(*mist.Context) (string, error)) func(*MiddlewareConfig)
WithGetUserID 设置获取用户ID的函数
func WithRedirectURL ¶
func WithRedirectURL(url string) func(*MiddlewareConfig)
WithRedirectURL 设置重定向URL
func WithUnauthorizedHandler ¶
func WithUnauthorizedHandler(handler func(*mist.Context)) func(*MiddlewareConfig)
WithUnauthorizedHandler 设置未授权处理函数
func WithValidationDuration ¶
func WithValidationDuration(duration time.Duration) func(*MiddlewareConfig)
WithValidationDuration 设置验证有效期
Types ¶
type MemoryStore ¶
// MemoryStore is an in-memory implementation of the MFA validation state store.
// NOTE(review): being in-memory, the state presumably does not survive a process
// restart and is not shared between instances — confirm before using it behind
// a load balancer.
type MemoryStore struct {
	// contains filtered or unexported fields
}
MemoryStore 内存实现的MFA验证状态存储
type MiddlewareConfig ¶
// MiddlewareConfig holds the configuration of the MFA middleware.
type MiddlewareConfig struct {
	// Store is the storage for MFA validation state.
	Store ValidationStore
	// GetUserID is the function that obtains the user ID from the request context.
	// NOTE(review): the ID presumably keys the MFA state, so it should come from
	// an already-authenticated session rather than a client-controlled value.
	GetUserID func(*mist.Context) (string, error)
	// ValidationDuration is how long an MFA validation stays valid.
	ValidationDuration time.Duration
	// RedirectURL is the URL to redirect to when the request is not MFA-validated.
	RedirectURL string
	// OnUnauthorized is undocumented in the original; presumably the handler set by
	// WithUnauthorizedHandler. How it interacts with RedirectURL is not shown — confirm.
	OnUnauthorized func(*mist.Context)
}
MiddlewareConfig MFA中间件配置
type TOTP ¶
// TOTP is a convenience struct that bundles a secret with its configuration.
type TOTP struct {
	// Secret is the TOTP shared secret; its encoding is not shown here — confirm.
	// NOTE(review): the field is an exported plain string, so formatting a TOTP
	// value with %v/%+v or serializing it exposes the secret; keep it out of logs.
	Secret string
	// Config holds the TOTP parameters used with Secret.
	Config TOTPConfig
}
TOTP 是一个简化使用的TOTP结构体
func NewTOTPWithSecret ¶
func NewTOTPWithSecret(secret string, config ...TOTPConfig) *TOTP
NewTOTPWithSecret 使用已有密钥创建TOTP实例
func (*TOTP) ProvisioningURI ¶
ProvisioningURI 生成配置URI